Ubuntu
ubiquity package

Installer allows invalid usernames

Bug #413147 reported by Ryan Kavanagh on 2009-08-13

6

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	ubiquity (Ubuntu)	Fix Released	Medium	Unassigned

Bug Description

affects ubuntu/ubiquity

ubiquity-frontend-kde version 1.99.6

The installer allows the user to enter an invalid username if the two passwords
match but are too short.

I provided:
Name: Ryan
username: ryan ao
Password1: asdfg
Password2: asdfg
Hostname: ryan

If this does not work for you, try entering a valid username, but keep the
passwords to short. It will ask you if you want to provide a longer password.
Say yes. Then switch to an invalid username, leave the passwords as they are and
hit continue. The same question will appear. Hit continue and proceed with the
invalid username.

See the attached screenshots for more details.

Tags:

Revision history for this message

Ryan Kavanagh (ryanakca) wrote on 2009-08-13:

#0

kne-username.png Edit (309.4 KiB, image/png)
kne-username1.png Edit (57.8 KiB, image/png)
kne-username2.png Edit (60.5 KiB, image/png)

Evan (ev) on 2009-08-17

Changed in ubiquity (Ubuntu):
importance:	Undecided → Medium
status:	New → Confirmed

Revision history for this message

arky (arky) wrote on 2009-09-12:

#1

would this work ? http://pastebin.ubuntu.com/269703/

Revision history for this message

Colin Watson (cjwatson) wrote on 2009-09-12:

#2

No, the problem is incorrect error handling logic somewhere - just hammering the username into shape isn't the right way to fix it.

Revision history for this message

Evan (ev) wrote on 2009-09-18:

#3

syslog Edit (193.7 KiB, text/plain)

Revision history for this message

Evan (ev) wrote on 2009-09-18:

#4

debug Edit (161.6 KiB, text/plain)

Revision history for this message

Evan (ev) wrote on 2009-09-18:

#5

When the user responds to the weak password question with true (allow a weak password), ubiquity preseeds the answers to the username, full name, and hostname questions as part of ok_handler in user-setup.py. However, user-setup-ask does not recheck these values at STATE=7, after it gets a response to the weak password question, because there isn't a way to go back to the questions in debian-installer and change their values without reducing the value of STATE.

Ubuntu QA Website (ubuntuqa) on 2009-11-17

tags:

added: iso-testing

Revision history for this message

Evan (ev) wrote on 2010-03-31:

#6

This is fixed indirectly by the removal of the weak password dialog, which has been replaced with a password strength meter.

Changed in ubiquity (Ubuntu):
status:	Confirmed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Bug attachments

Add attachment

Remote bug watches

Bug watches keep track of this bug in other bug trackers.